[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [Full-Disclosure] Improving E-mail security...

To: Bengt Ruusunen <bengtij@hotmail.com>, full-disclosure@lists.netsys.com
Subject: RE: [Full-Disclosure] Improving E-mail security...
From: Leif Sawyer <lsawyer@gci.com>
Date: Tue, 26 Aug 2003 15:54:26 -0800

Bengt Ruusunen writes:
> 
> Hello,
> 
> As everybody knows that recent viruses spread via sending 
> spoofed 'sender address'.
> 
> fex.
> 
> I am a person 'someone@someone.com' and got so called 'return 
> mail' from 'someone@receiving.organisation.com' telling that mail
> sent by me (which I never sent in a first place) cannot be delivered.
> Obviously containg somekind malware as an attachment.
>[...]
> - E-mail receiving server could check that 'very first original'
> From: line and if it is same than the receiver address ie.
> 'someone@someone.com'
> 
> Perform an check to see if the 'sender identification' ie. 
> salted public key, GUID or something (X-Authenticated-Guid: 
> #0a845d299ca340087140) exists in mail header.
> 
> Delivery should be done only if an 'sender identification' 
> exist and the key matches.


What about mail MUA/servers which silently drop your optional
X-Authenticated-Guid: header?  You would be trashing every
mail from those clients.

Now if you used this in tandem with a spam filter software
like SpamAssassin, you could use it to re-weight the probability
of the response.

smime.p7s

Prev by Date: Re: [Full-Disclosure] Someone hacked anti-spam database. World bouncing email
Next by Date: Re: [Full-Disclosure] CERT Employee Gets Owned
Prev by thread: Re: [Full-Disclosure] [LONG] Improving E-mail security...
Next by thread: RE: [Full-Disclosure] Improving E-mail security...
Index(es):
- Date
- Thread